| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-55431 | Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps | coder | coder | High | 7.7 | 2026-07-08 00:10:49 | Deep Dive |
| CVE-2026-59997 | OpenSSH 10.4前版本internal-sftp参数处理不当 | OpenBSD | OpenSSH | Medium | 4.2 | 2026-07-08 00:09:05 | Deep Dive |
| CVE-2026-59996 | OpenSSH 10.4以下scp远程目录遍历漏洞 | OpenBSD | OpenSSH | Medium | 4.2 | 2026-07-08 00:07:08 | Deep Dive |
| CVE-2026-59995 | OpenSSH 10.4以下SFTP路径约束绕过漏洞 | OpenBSD | OpenSSH | Medium | 4.2 | 2026-07-08 00:04:50 | Deep Dive |
| CVE-2026-55430 | Coder's subdomain workspace app routing trusts unauthenticated X-Forwarded-Host header, enabling cross-app data access | coder | coder | Medium | 5.8 | 2026-07-08 00:03:30 | Deep Dive |
| CVE-2026-55429 | Coder's workspace app upsert allows cross-workspace agent rebinding via user-controlled app ID | coder | coder | High | 8.7 | 2026-07-08 00:00:34 | Deep Dive |
| CVE-2026-24698 | Cisco RV130/RV110W命令注入漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-24700 | Cisco RV130/RV110W固件OS命令注入漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-24697 | Cisco RV130/RV110W固件OS命令注入漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-24699 | Cisco RV130/RV110W命令注入漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-50812 | SQLite 3.53.1会话扩展空指针解引用拒绝服务漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-50813 | SQLite < 869a51ae84df 会话扩展信息泄露 | - | - | Medium | 6.1 | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-36027 | Android Companion Hub SQ3A.220705.003.A1 ADB远程代码执行漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-36028 | Code 27 Companion Hub漏洞:绕过kiosk限制 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-52200 | Generic OEM UZ801_v2.1路由器V3.4.3远程代码执行漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-35552 | CAXperts UPVWebServices/UDiTH Portal 授权绕过致License失效 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-51535 | OpENer 2.3.0网络处理循环资源耗尽导致拒绝服务漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-39178 | SOGo<5.12.7 SQL注入漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-39179 | SOGo <5.12.7 认证用户SQL注入漏洞 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |
| CVE-2026-31309 | Mysterium Node <1.36.0 配置权限绕过致节点接管 | - | - | - | - | 2026-07-08 00:00:00 | Deep Dive |